We are all so busy applauding facebook for adding an “always use HTTPS” setting (thanks for finally responding to firesheep, folks), but maybe we should look a little more closely at it before telling the moms of the world to just set it and forget it. The stupid thing turns itself off (and doesn’t turn itself back on) when you go to a non-HTTPS facebook page.
In case you haven’t seen it described on 50,000 websites at this point, here’s the deal with the new “feature:”
Click on “Account” at the upper right of your facebook page and choose “Account Settings” … you’ll get something like this:
Click on “Account Security” and you’ll be able to check the new https box, illustrated here:
note that it says “whenever possible” … this implies that there are some parts of the facebook site that are NOT capable of being served up via https. I have no idea why this is still the case, but it clearly is. The wording would also imply that once you check this box, you will get a https connection “whenever possible” and a http connection when https is not possible. What it DOESN’T say is that the first time you view a non-https page, the box will simply uncheck itself and next time you go to a https-capable page, it’ll be back in vanilla http mode.
So what are these non-https-capable pages? I can’t speak for all of them, but I’d be willing to bet that most of them are “facebook applications.” The only facebook app I use is Scrabble. After checking the https box, I tried to go to Scrabble and I got this page first:
Excellent, right? It is warning me that I’m leaving the safe-and-cozy https-zone. What this warning SHOULD say is “if you hit ‘continue,’ you are permanently turning off the https option.”
Yes, that’s right, once I’m done playing my turn in the http-only-danger-zone of the Scrabble application, I go back to facebook home and I’m back to http.
I went back to check my account settings and I see this:
Well, that’s just fantastic. What’s the point of saying “whenever possible” when it means “until impossible?” This has to be a mistake, and I hope they fix it… then we can all tell our moms to go and re-check the box as it has probably been turned off when they went to play farmville or whatever the hell other pages are non-https.
This was discussed on Tech News Today (first 5 minutes)
UPDATE (2012-05-10): I’ve been less-than-thrilled with the business practices of LifeShield lately. I still am a big fan of their products and services, so these reviews stand true, but if you’d like to know what they are up to, read this blog post.
Full disclosure: LifeShield sent me this camera for review, I did not purchase it.
As you all know from my InGrid/LifeShield security system review, I’m a big fan. I’ve been using the system for a few months now and I’m still very happy with my purchase. I’ve added on a few peripherals of sorts, such as a water detector, which will let me know if my second-floor laundry room is flooding. I had considered buying a network camera to attach to the system, but I just hadn’t gotten around to it yet.
Lucky for me, the folks from LifeShield contacted me and said that they liked my review. “Would you like to do a review of one of our new wireless cameras?” they asked. Not a difficult question to answer, so the camera showed up a few days later.
The camera sells for $129.99 on LifeShield.com
Package includes the camera, the base/mount, AC power adapter and an ethernet cable.
The camera itself has 640×480 resolution.
This appears to be some sort of stock hardware made by a 3rd party as it looks exactly like the wireless camera you can get with the Schlage LiNK system.
Adding the camera to the security system is very simple. Before you can use it wirelessly, you need to power on the camera and plug it into your wired network. The two lights on the front indicate power and network activity, so you can tell pretty quick if it is up and running. Once it is booted up, you simply navigate to Cameras >> Add Camera on the LifeShield handset or base unit. It will scan for a few seconds, find the camera, then allow you to “name” it.
Now that the camera is attached, you need to log on to My LifeShield and you’ll notice that now there is 1 camera listed under the Cameras tab. Click on Camera Settings and you’ll see the options that are available to you. The first thing you’ll probably want to do is adjust the wireless settings so that the camera can connect to your wireless network. It had no problem connecting to my home WPA2-encrypted wireless network.
On the settings page, you can also tell it to flip the image horizontally, vertically, or both, which will open up your camera mounting options. You can also tell it to turn the front LEDs off if you want a stealthier mount. Image quality settings are also available, such as brightness and contrast.
Now that you have the wireless settings nailed down, you can move the camera away from the wired connection and test it out. Make sure that the camera successfully connects to your wireless network by going back to the web UI and telling it to take a test shot. If it all works out honky-dory, feel free to move the camera to where you intend to permanently mount it. Once you plug it in, it should connect to your wifi and you can take another test shot to confirm that it is working.
Now that the camera is set up to view your front door or your kid’s room or the garage, what can you do with it?
There are 2 levels of service for the camera with LifeShield. The basic service is free with the monitoring package you are already paying for, and this is the service I have. I’ll explain what you can do with this service in a moment. The 2nd level of service is $6/month, and it allows you to add special triggers and to view live video and images from the camera remotely. I have not tested this service, but I’ll report here if I decide to activate it.
I have reviewed the basic service, however, and here’s what it can do for you:
- When your alarm is triggered, have the camera take a pic or record video
- Using the new mobile app or the mobile My LifeShield page, you can tell it to take a pic at any time and then view it.
This obviously makes the camera a lot less useful, but if this is all you really want it to do, it is great that it won’t cost you any extra money per month.
I kind of glossed over it quickly, but you may have noticed my mention of the new mobile app from LifeShield. This was just released recently and if you have an Android phone, an iPhone, or a fairly new BlackBerry, you’ll want to install this app. It is a MUCH better experience than the mobile My LifeShield web page. I’ll be writing a review of the app as soon as I can.
As I mentioned before, the camera only produces a 640×480 image, so you won’t be getting a lot of detail here. It is enough to get some idea of what is going on, though. I’d rate the quality as similar to a low-end USB webcam (like an old Logitech QuickCam). Actually, I’m sure the sensor in the camera is the same as is used in webcams. As is the case with webcams, performance is good as long as there is decent light. If you don’t have the camera pointing towards a well-lit area, the image quality will degrade and get extremely noisy very quickly.
…which brings me to my problem with the unit: it doesn’t have IR illuminating LEDs. If you don’t know what I’m talking about, check out this TRENDnet IP Camera. It has a bunch of IR LEDs around the lens that will (invisibly to the naked eye) light up the area in front of the camera. “Night vision,” for lack of a better phrase. Our eyes can’t see IR light but digital camera sensors pick it up just fine. A camera that turns on these LEDs once the lights go out allow you to see what is going on in a pitch-black room. It would look something like this (sample shot from a camera that does have IR illum):
So I ask: what is the point of the camera taking a picture at the time an alarm goes off if there is no IR illumination? Do you expect your thieves to come in during the day, or to turn on all the lights? Chances are good that you’d get a picture of blackness.
That’s a bit disappointing, but probably not a deal breaker. Chances are good that you’re more interested in using this camera for much more casual photos than for catching a crook. If you had this camera mounted in your front hall so you could see people coming in the front door (probably not in pitch-black), you’ll be just fine.
If you are looking for an easy-to-implement home surveillance camera and you don’t want to spend a ton of money, this camera will work just fine. Some people would say “why not just buy an IP camera that is higher resolution and has more options?” Well, if you are asking that question, this camera might not be for you. IP cameras are fine for those of us who know how to set them up and allow access to them from outside our router/firewall, etc, but I don’t think that’s the target audience for this camera. This camera’s biggest selling point, I think, is the ease of setup and use. Unlike a lot of IP cams I’ve used in the past, I haven’t yet had to reboot this camera. It just works, and that’s the most important part.
UPDATE 12-08-2011: I’ve been using this camera a lot more since I realized that it has a web UI. What does this mean? It means I can view live video from the camera from my phone or tablet via a VPN connection and this app IP Cam Viewer. This requires some networking know-how on your part, but it sure beats paying an extra monthly fee to be able to view live video from the camera.
Do you own this camera, and has your experience been different from mine? Please let me know in the comments.
Aruba Network’s new remote office access point, the RAP-2WG, allows an enterprise to securely extend the corporate wireless network to remote offices. While REAP technology is nothing new, the price point on the RAP-2WG certainly is. List price is only $99, and the street price brings its price in line with that of a Linksys WRT54GL. The unit is extremely small, too: about the size of a deck of cards.
How does it work?
The RAP-2WG’s E0 port is connected to the internet connection at the remote or home office. The unit establishes an IPSEC tunnel (using your choice of 3DES or AES) back to the Aruba controller at the main office. Once connected, the controller extends the corporate wireless — including all security policies — to the remote unit. You can also configure the second wired port in any way imaginable – from 802.1x port security, to a vlan bridge, even as an 802.1q trunk. You can also apply an ACL and run the RAP-2WP in split tunnel mode so that client internet traffic doesn’t cross the tunnel.
Enough marketing, how well does it really work?
I tested an Aruba RAP-2WG as follows:
– Aruba OS 18.104.22.168
– 6000 Controller Cluster. The cluster was in regular production mode during this test.
– 100 Mb internet connection
– RedHat 5 running vsftpd – Server
– Ubuntu 10.04 – Client
– Dell D620 with an Intel 4965AGN wifi card
The Test Procedure:
After configuring the RAP-2WG to connect back to the mothership, I connected it to a high-speed remote network. To test the unit’s throughput, I created a file containing 20Mb of random data (testfile.tar.gz); this file would then be transferred via FTP to the client machine.
This technique generally works pretty well, the whole way up to 1Gb/s if you follow these two simple rules:
1) Ignore the results of the first test. The first time you download the file, the server has to read it from disk. Subsequent requests (within a few minutes, at least) will come from the server’s disk cache and be significantly faster.
2) Don’t actually write the file to disk on the client machine, otherwise you’ll just be testing the hard drive speed. The best way to do this is to use wget under Linux. The syntax I prefer is:
# wget -O /dev/null ftp://your-ftp-server.pskl.us/testfile.tar.gz
This will simply dump the data to /dev/null as it comes in. When wget completes, it will give you the average transfer rate in BYTES per second — don’t forget to multiply by 8.
Step 1: Baseline Test
To determine the maximum speed at this site, the client machine was connected directly to the local internet connection using the system’s wired ethernet port. The test file was then transferred ten times and the average bit rate computed.
Average Transfer Rate, No Crypto: 84.64 Mb/s
Step 2: IPSEC AES128, using the Wired port
The test system was then connected to the RAP-2WG’s E1 port. The test file was then transferred ten times and the average bit rate computed.
Average Transfer Rate, IPSEC 128, Wired Port: 2.73 Mb/s
Step 3: IPSEC AES128, Wireless 802.1X PEAP
The test system was then connected wirelessly to the RAP-2WG. The system established a solid connection at 54Mb/s using PEAP/MSCHAP/AES auth/crypto. The test file was then transferred ten times and the average bit rate computed.
Average Transfer Rate, IPSEC 128, Wireless PEAP: 1.821 Mb/s
The RAP-2WG works as promised. The rated IPSEC throughput of the unit is 2Mb/s, which agrees with my findings. The slightly slower throughput over wireless is due to a combination of effects, but most likely a result of the double-encryption (PEAP wifi plus the IPSEC tunnel) that the unit has to handle. The RAP-2WG is inexpensive enough that it can be deployed as a robust VPN solution for staff working from home. You could actually buy RAP-2WGs and hand them out to your staff for about the same cost as buying Cisco VPN licenses for your existing ASA. Yes, that ‘s right. A robust hardware solution for the same price as the competition’s software license.
Aruba, you guys rock.
Those of us at PSKL who enjoy a good first person shooter have been having mixed feelings about the games currently on the market. Let me preface this by saying we’re not new to FPS games. Our love for them dates back to the DOOM/Castle Wolfenstein days, but really took off around the time Unreal Tournament hit the shelves. Since then we’ve tried just about every one of them to hit the pc market (don’t even bring up consoles), most recently with Call of Duty: Modern Warfare 2.
While MW2 is entertaining, it’s lacking. It’s lacking a lot. The single player compaign, while good, is very short. Normally the quality of the single player campaign is in direct relation to the pure awesomness of the multiplayer. The shorter and more unforgetable the single player game, the better the multiplayer is. Usually. Not so in this case. Their matchmaking system is complete garbage. The amount of cheating that goes on in that game is something that’s so blatant and unprecedented that I’ve been speechless numerous times at the amount of cheaters per game. It seems to take their VAC system days to ban players who cheat and even then getting back into the system takes nothing more then 20 dollars on a forum to get a new cd key and signing up for another free Steam account. There have been lots of problems with their P2P game hosting setup where you wait for the 60 second timer to count down the start of a new game only to be kicked from the game for some unknown error or you end up playing a game on a machine that’s apparently on a dial-up connection. All of this leads to an amount of frustration that makes the game more of a job then fun.
Enter Battlefield: Bad Company 2. I’ve been an avid fan of the Battlefield series since the very beginning. I’m not a huge fan of playing games based on military history like Vietnam or World War II. That’s not to say I think the previous games were bad, it just didn’t appeal to me as much as something based on new technology. Everyone has a preference for the games they enjoy and mine happens to be games based on modern or near future warfare. While this game is a sequel, the original Bad Company was only released for consoles (awful idea) so I really don’t have anything to say about that game. I don’t play FPS games on consoles. Period. Bad Company 2 managed to take the Battlefield series and make it fresh again yet also capitalize on the mistakes of IW and the COD franchise.
Let’s start with the single player campaign. It’s ‘OK’. I know you were probably expecting me to rave about it because of my previous statements about Modern Warfare 2, but honestly it’s just ‘OK’. It’s a short campaign that brings back the team from the original Bad Company yet doesn’t really explain what happened previously or why they have the name “Bad Company”. Since I haven’t had any experience with the original, it would have been nice if the two games were tied together a little bit better to bring new players up to speed. It also managed to not get me hooked on the team. The characters are decent, although full of cliche, but at the end of the campaign I still felt like I could care less about what happened to any of them.
With the single player campaign down, it’s time to move on to any FPS fans favorite part. The multiplayer. I’ll admit that I hate EA with such a passion that I normally refuse to play any game they have a part in. They manage to gobble up interesting games and franchises, then fire the original team and turn great titles into crappy games before moving on to the next hot item. I wasn’t thrilled with Dice using EA to distribute the game, but my love for Battlefield trumped my hatred for EA.
All online games have problems at launch. It’s inevitable. Whether it’s MMORPG’s or FPS games or even RTS titles, if they have a centralized server that needs to be contacted to play, chances are it’s going to be overwhelmed on release day and cause problems. BC2 was no exception. Log in problems, server kicks/restarts, lost points, poor performance. All these things plagued BC2 in the first couple of days. If this was any normal title, or a series that was new to the market, it would have spelled doom for the title and franchise. Dice managed to escape by making the best game of the year, and I’ll even go so far as to say the best game in the history of the FPS genre.
BC2’s game play is more immersive then any game I’ve played to date. Everything is done with such thought and detail that it’s hard not to get lost in it. From the deafening noise of a rocket going off next to you, to the creaks of steel support beams of buildings that just had it’s last load bearing wall blown out, everything sounds and looks amazing.
The Frostbite engine gives this game a level terrain destruction that is unprecedented. Everything can, and will be, destroyed. Is there a sniper camped out in a building causing trouble for your squad? No problem, bring the building down with some tank fire. Having a hard time keeping the enemy squad from disarming your m-com charge? Then lace the building with C4 and blow it up while the other team rushes in to try and thwart your efforts.
Everything in this game is hyper-realistic and done very well. The vehicle combat is difficult to learn yet engaging and rewarding. The 4 types of classes are all done well and serve specific purposes while also being able to compete with each other. That’s not to say there aren’t some balance issues, but for the most part they’re well thought out. The reloading animations are some of the best out there and the maps are gigantic. They give the Modern Warfare 2 maps a claustrophobic feeling.
After playing BC2, I’ve gone back to MW2 exactly 0 times. It was a decent game in a good franchise, but I realize now that what made me like Modern Warfare so much was that it was almost what I wanted to play. It was the best game in it’s market at the time and for that I enjoyed the hell out of it. The problem for MW2 now is that Battlefield: Bad Company 2 IS exactly what I wanted from this genre of game. It’s a modern millitary themed game that not only takes personal skill to play but also requires a level of team synergy that makes the multiplayer game much more enjoyable.
Check out the details of our PSKL dedicated BFBC2 server!
NOTE: InGrid recently changed their name to LifeShield, but the equipment and service is still the same as is reviewed here
If you are interested in how I got to this point, check out the first post.
UPDATE (05-10-2012): I’ve been less-than-thrilled with the business practices of LifeShield lately. I still am a big fan of their products and services, so these reviews stand true, but if you’d like to know what they are up to, read this blog post.
UPDATE 10-18-2010: LifeShield has added a few items/features you should know about:
They now sell the cellular backup unit. Add it to your system and your alarms will go through even if your phone lines and internet connection are cut.
They also now offer a smartphone app for the iPhone, Android, and BlackBerry.
One last thing, I’ve reviewed their Wireless Homeview Camera which integrates with the security system.
UPDATE 11-11-2010: The battery in my Siren Detector died already, which is odd, but the good news is that it uses the same batteries as the door/window sensor: a CR2450 coin-cell battery. These can be purchased from amazon.com for pretty cheap…I bought a 5-pack for under $7 shipped.
UPDATE 12-08-2011 – THIS IS AN IMPORTANT ONE: In the past year LifeShield has changed their business plan a lot. As you read the review below, bear in mind that the following things are now the case for new customers:
- They no longer sell the base systems outright, they are free-ish and subsidized by a…
- Minimum 3 year contract. Sign up for a 5 year contract and your monthly rate will be cheaper (of course). Minimum $35/month for a 3 year contract, minimum $30/month for 5 year. One nice thing about being on contract is that the hardware is completely supported by LS, even including the batteries in your sensors.
- There is a (minimum) $99 activation fee. It can be higher if you select certain options, such as the Cellular Backup unit
All this being said, it is still a decent deal. If I were security-system shopping today (instead of 2 years ago), I’d probably still go with LifeShield. I recommend you call the competition and get a quote, then check out LifeShield and see how it compares. If you are handy enough to install the system yourself (and you are… it isn’t hard), I think you’ll end up being happier with the LifeShield system.
As I discussed in the last post, I decided to go with the InGrid (LifeShield) security system. I ordered up all the parts I wanted and waited for them to arrive. Before you even receive your hardware, you can set up your account with the web portal (http://myingrid.com/). You create a password for accessing the account as well as other security questions. All of this can be edited later but you might as well get it out of the way now. Once you finish, you can poke around the site and see what kind of settings are available to you. Interesting, but I just couldn’t wait for the hardware to arrive so that I could get started with…
The packaging and documentation were all very impressive. There’s a great attention to detail they show here and it does not go unappreciated. The photo above shows all the stuff I got to start with, although I might add more later. It includes some very nice signs which I think I’ll be leaving in the box. Letting people know you have an alarm system is one thing, letting them know exactly what kind you have is another. Maybe I’ll put up some Brinks signs or something. When you open up the big box, you get this:
A paper telling you, among other things, that “specialty sensors” can’t be added until 24 hours after system activation. No problem, plenty of other sensors to install first. It ended up being less than 24 hours for me anyway. Also included is a CD with PDFs of all the manuals. Then you get to the meat of the system:
The numbered boxes make it even easier than I thought it would be. These 4 units make up the backbone of your security system. They are already associated with each other so there is no “syncing” to be done with these items. Just follow the simple instructions for each box (basically, connect the internal backup battery and plug it in) and you are good to go. Here is a shot of the book showing how simple the instructions are:
As I mentioned, all of the items have internal backup batteries. Supposedly, the batteries will last around 24 hours if your power goes out. They are all simple rechargeable-phone-type batteries that you can buy at WalMart. First up is the base unit:
This guy is the real brain of the operation. You plug it into your internets and into your phone system (VOIP, in my case). It has a cradle for charging the phone unit, but the phone also comes with a charging base, so you don’t NEED to use this to charge the phone. I prefer hiding this somewhere out of sight so that nobody knows where to look to disable your system. If you are using your phone system as a backup, two of the other parts have phone jacks (the Console and the Grid Extender)…which means that this unit could be destroyed but either of those units could still phone home to the monitoring service. That’s part of what is so cool about this system…it is so decentralized.
Next up is the Handset and charger. Here is a pic next to a soda can for size reference:
This handset has all the functionality of the Console, which is up next:
Either the handset or the console can be used to arm the system, disarm the system, view the status of sensors, and act as a phone (the console acts as a speakerphone). You can set the console on a countertop or mount it on the wall. It needs to be connected to AC power at all times (the battery is really just for backup purposes) so you are somewhat limited in mounting options. These units are also used for adding sensors and other goodies to the system. We’ll get into that shortly. I should also mention that you can view your current weather on either of these units as well as any “weather alerts.” Neato.
I didn’t take a photo of the grid extender… it isn’t very exciting. Basically a brick that you plug into the wall. As I mentioned before, it has a phone jack which will be used to call the monitoring center if other systems fail. The grid extender also does what the name implies… it physically extends the network for sensors and other devices to be recognized by your system, so you should take that into account when deciding where to place all this stuff. You can even put a grid extender in your neighbor’s house (with permission, of course) and plug it into their phone line. That way, a thief would have to cut your internets, your phone, AND your neighbor’s phone to stop the system from calling in an alarm. If power, phone, and cable are knocked out for your entire neighborhood…well… I guess you are SOL… but InGrid says they have a GSM backup module coming soon, so you’ll be able to breathe easy (UPDATE: the GSM backup module is now available from lifeshield.com)
Once you have these 4 items powered up, you can activate your system online with myingrid.com. Very simple process that involves getting a code from the website and then entering it into your handset. Done. Now you can start adding open/closed sensors to your windows and doors. Here’s a little video introduction to the open/closed sensors, followed by a video I made explaining the very simple process of adding a sensor to your security system:
You can add a bunch of these sensors and then sit down at your computer and name them appropriately from there (if you don’t want to do it from the handset or console).
Once the 24 hours have passed, you’ll get an email to tell you that your system has been activated and you are now in “Practice Mode” for 7 days… which means that any alarm you set off won’t call the monitoring system. So you have 7 days fool around and see how things work without being afraid that the cops will show up and yell at you. This activation email also means you can install your other sensors and dealies. In my case, that meant keyfobs, a siren detector, and a motion detector.
Here are a few videos showing my experience with those 3 addons:
All of that was pretty painless, right? I was a bit annoyed at how the motion sensor integrates with the system, so it gave me an excuse to call their tech support. The problem is that it logs motion events whether the system is armed or not. I understand that concept with door/window sensors, but not with motion sensors… The idea is to keep them in living spaces, so that means you’ll be tripping it all day long. Every time it senses motion, the console and the handset both display “Open: Motion Sensor” as if it is a window you keep opening and closing. My event log on myingrid.com very quickly just gets spammed with these “events.” Sure, I can filter the event log, but I shouldn’t have to. I asked tech support about it and they basically told me that it “isn’t a big deal” and that’s just how it works. They are right, it isn’t a “big deal,” but it IS annoying. There should at least be an OPTION to set it so that motion detector events only get logged (or noticed at all) when the system is armed. Working the way it does, I’m going to put a cover over my motion detector and only take it off when I leave the house or go to bed at night.
Now that the system is up and running, the only thing left to do is give you a quick tour of the myInGrid web UI. The following slideshow takes you through a bunch of the important screens. Many of the features shown here are also available via their mobile-friendly version of the myInGrid site, including being able to look at content grabbed by the cameras attached to your system (I really need to get one of their cameras). If you move your mouse over the slideshow, the controls pop up at the bottom which will allow you to pause it or move forward or backwards in the slideshow. The caption on each screenshot explains what you are looking at.
View the screenshots here if you want to look more closely.
I already mentioned the cameras they offer to integrate with the system. They have a few other items that I don’t (yet) own, but you should know about:
- Glass break sensors – these recognize the sound of glass breaking and trigger the alarm
- Water/temperature sensors – these are convenience sensors that alert you to a change in temperature and/or water where it shouldn’t be. I need one of these for our upstairs laundry room.
- Smoke/heat detectors – you can use these rather than the siren detector I’m using.
I’m hoping that they’ll release some new products soon, such as:
- A thermostat – would be killer to be able to see the current temperature and change the desired settings remotely
- Light/appliance controls – or just add a module that supports X10 stuff
- An outdoor camera – preferably wireless. If it is wired, make it support PoE and include a power injector. Seriously. I will pay for this.
- A doorbell. This would be interesting to log events on, and it could just ring through all the same units that chirp when a door opens.
- How about a module with a dry contact interface so we can start to have some REAL fun with this thing…
So that’s pretty much it… If you have any questions that I have not answered, feel free to ask in the comments and I’ll do my best. Aside from the motion detector silliness, I think this is the perfect home security system…well, it is perfect when used in conjunction with the .44 Desert Eagle I keep in my bedroom. Maybe I should put a picture of THAT in my yard rather than the InGrid signs…